π Server-side Parameter Pollution (API Testing)
π https://hacklido.com/blog/848-server-side-parameter-pollution-api-testing
π https://hacklido.com/blog/848-server-side-parameter-pollution-api-testing
HACKLIDO
Server-side Parameter Pollution (API Testing)
Server-side parameter pollution Some systems contain internal APIs that arenβt directly accessible from the internet. Server-side parameter pollution occu...
π§ CyberWeekly 22' June | Issue #4
[?!] VDPS for career launch, LSASS decryption, Nmap port scanning. Anonymity with ProxyChains, TOR, Kali Linux, Kaspersky ban, major breaches, and cutting-edge tools.
π https://hacklido.substack.com/p/cyberweekly-22-june-issue-4
[?!] VDPS for career launch, LSASS decryption, Nmap port scanning. Anonymity with ProxyChains, TOR, Kali Linux, Kaspersky ban, major breaches, and cutting-edge tools.
π https://hacklido.substack.com/p/cyberweekly-22-june-issue-4
π1π₯1
π Reverse engineering LSASS to decrypt DPAPI keys
π https://hacklido.com/blog/849-reverse-engineering-lsass-to-decrypt-dpapi-keys
π https://hacklido.com/blog/849-reverse-engineering-lsass-to-decrypt-dpapi-keys
HACKLIDO
Reverse engineering LSASS to decrypt DPAPI keys
Before you start reading this post Iβd like to point out that this is not a practical technique, no sane person would manually hunt for DPAPI blobs and d...
π1
π USA Bans Kaspersky Lab - A Critical Move to Safeguard Cybersecurity
π https://hacklido.com/blog/850-usa-bans-kaspersky-lab-a-critical-move-to-safeguard-cybersecurity
π https://hacklido.com/blog/850-usa-bans-kaspersky-lab-a-critical-move-to-safeguard-cybersecurity
HACKLIDO
USA Bans Kaspersky Lab - A Critical Move to Safeguard Cybersecurity
In a decisive effort to protect national security and maintain the integrity of its information and communication technology infrastructure, the United Sta...
β€1
π Recent Supply Chain Cyberattacks and lessons learnt from that
π https://hacklido.com/blog/851-recent-supply-chain-cyberattacks-and-lessons-learnt-from-that
π https://hacklido.com/blog/851-recent-supply-chain-cyberattacks-and-lessons-learnt-from-that
HACKLIDO
Recent Supply Chain Cyberattacks and lessons learnt from that
Understanding Supply Chain Cyberattacks A supply chain cyberattack targets third-party vendors within an organizationβs supply chain. Historically, these a...
π How to Respond to Incident or Attacks & How not to screw up the crime scene
π https://hacklido.com/blog/852-how-to-respond-to-incident-or-attacks-how-not-to-screw-up-the-crime-scene
π https://hacklido.com/blog/852-how-to-respond-to-incident-or-attacks-how-not-to-screw-up-the-crime-scene
HACKLIDO
How to Respond to Incident or Attacks & How not to screw up the crime scene
βIf you canβt decipher our data, then why are you here?β This is a common reaction when our team arrives. Now, let me explain everything while covering:...
π₯1
π Reverse engineering of natively compiled .NET applications
π https://hacklido.com/blog/855-reverse-engineering-of-natively-compiled-net-applications
π https://hacklido.com/blog/855-reverse-engineering-of-natively-compiled-net-applications
HACKLIDO
Reverse engineering of natively compiled .NET applications
Explore the internals of applications built using native ahead-of-time (AOT) compilation. The .NET 7 platform debuted a new deployment model: forward nati...
π3
π Introduction to Secure Software Development Lifecycle (SSDLC)
π https://hacklido.com/blog/861-introduction-to-secure-software-development-lifecycle-ssdlc
π https://hacklido.com/blog/861-introduction-to-secure-software-development-lifecycle-ssdlc
HACKLIDO
Introduction to Secure Software Development Lifecycle (SSDLC)
Security should be integrated into every stage of the software development lifecycle. Description The traditional Software Development Lifecycle (SDLC) foll...
π1
π Pentesting Active Directory - Complete Guide | Part 1
π https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
π https://hacklido.com/blog/862-pentesting-active-directory-complete-guide-part-1
HACKLIDO
Pentesting Active Directory - Part 1 | Trees, Forest and Trust Relations
Let me introduce you to Active directory and familiarize with itβs components like trees, forest and trust relations Introduction Active Directory (AD) i...
β€2π₯1
π CVE-2021-40444 - RCE in Microsoft's MSHTML browser rendering engine | MerkSpy
π https://hacklido.com/blog/869-cve-2021-40444-rce-in-microsofts-mshtml-browser-rendering-engine-merkspy
π https://hacklido.com/blog/869-cve-2021-40444-rce-in-microsofts-mshtml-browser-rendering-engine-merkspy
HACKLIDO
CVE-2021-40444 - RCE in Microsoft's MSHTML browser rendering engine | MerkSpy
FortiGuard Labs detected an attack exploiting the CVE-2021-40444 vulnerability in Microsoft Office, which allows attackers to execute malicious code via sp...
π1
π Pentesting Active Directory - Complete Guide | Part 2
π https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
π https://hacklido.com/blog/863-pentesting-active-directory-complete-guide-part-2
HACKLIDO
Pentesting Active Directory - Part 2 | Access Control, Users, KRGBT, Golden ticket attack
Letβs learn about Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more. Active Directory (AD) authentication is a W...
π₯3β€1
π Pentesting Active Directory - Complete Guide | Part 3
π https://hacklido.com/blog/864-pentesting-active-directory-complete-guide-part-3
π https://hacklido.com/blog/864-pentesting-active-directory-complete-guide-part-3
HACKLIDO
Pentesting Active Directory - Part 3 | Recon with AD Module, Bloodhound, PowerView & Adalanche
Letβs learn about generic reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche The process of finding a Domai...
π2π₯1
π Pentesting Active Directory - Complete Guide | Part 4
π https://hacklido.com/blog/865-pentesting-active-directory-complete-guide-part-4
π https://hacklido.com/blog/865-pentesting-active-directory-complete-guide-part-4
HACKLIDO
Pentesting Active Directory - Part 4 | LLMNR Poisoning
Letβs learn about broadcast poisoning in AD - LLMNR Poisoning Or Link-Local Multicast Name Resolution Poisoning is an attack technique commonly used duri...
β€1π1
Hello π Hackers!
From the beginning, our vision has always been to create a open platform where anyone can start infosec blogging and soon start making $$, while maintaining access to knowledge open (free) for all readers.
We're excited to announce that very soon, we'll be rolling out an ad revenue split of up to 60% for the writers! This is our way to incentivize the bloggers on the platform (present + future ones).
So, If you've ever thought about sharing your insights and expertise, now is the perfect time to start blogging at Hacklido. This will help you to capture the moment when our new revenue split rolls out π
Stay tuned for more updates. Your support means the world to us. β€οΈ Keep writing, keep sharing, and let's make this journey even more amazing!
Cheers,
The Hacklido Team
From the beginning, our vision has always been to create a open platform where anyone can start infosec blogging and soon start making $$, while maintaining access to knowledge open (free) for all readers.
We're excited to announce that very soon, we'll be rolling out an ad revenue split of up to 60% for the writers! This is our way to incentivize the bloggers on the platform (present + future ones).
So, If you've ever thought about sharing your insights and expertise, now is the perfect time to start blogging at Hacklido. This will help you to capture the moment when our new revenue split rolls out π
Stay tuned for more updates. Your support means the world to us. β€οΈ Keep writing, keep sharing, and let's make this journey even more amazing!
Cheers,
The Hacklido Team
π10β€5π₯5π€©1
π Pentesting Active Directory - Complete Guide | Part 5
π https://hacklido.com/blog/866-pentesting-active-directory-complete-guide-part-5
π https://hacklido.com/blog/866-pentesting-active-directory-complete-guide-part-5
HACKLIDO
Pentesting Active Directory - Part 5 | Lateral Movement, Privilege Escalation & Tools
Letβs learn about Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal Introduction Once inside the network, t...
β€3π1
π Stealthy Exploit Opens Door for Pre-Compilation Code Execution - Autoconf
π https://hacklido.com/blog/871-stealthy-exploit-opens-door-for-pre-compilation-code-execution-autoconf
π https://hacklido.com/blog/871-stealthy-exploit-opens-door-for-pre-compilation-code-execution-autoconf
HACKLIDO
Stealthy Exploit Opens Door for Pre-Compilation Code Execution - Autoconf
Introduction Linux users often take pride in their ability to compile their own code. In spite of this, a subtle yet critical attack vector has existed fo...
β€1
π Pentesting Active Directory - Complete Guide @hacklido
Β» #1 - Active directory and familiarize with itβs components like trees, forest and trust relations
Β» #2 - Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more
Β» #3 - reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche
Β» #4 - LLMNR Poisoning
Β» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
Β» #6 - Domain persistence and cross forest attacks
π Link to collection: https://hacklido.com/lists/6
More from the writer is on it's way »» Anyone can write@hacklido , start writing to monetize and promote all your infosec blogs!
Β» #1 - Active directory and familiarize with itβs components like trees, forest and trust relations
Β» #2 - Authentication, Authorization, Access Control, Users, KRGBT, Golden ticket attack and more
Β» #3 - reconnaissance & Enumeration in AD - Using AD Module, Bloodhound, PowerView & Adalanche
Β» #4 - LLMNR Poisoning
Β» #5 - Lateral movement, privilege escalation and some amazing tools that you can add to your arsenal
Β» #6 - Domain persistence and cross forest attacks
π Link to collection: https://hacklido.com/lists/6
More from the writer is on it's way »» Anyone can write
β€1π1π₯1π€―1
π Getting started with Snort IPS - A QuickStart Guide
π https://hacklido.com/blog/873-getting-started-with-snort-ips-a-quickstart-guide
π https://hacklido.com/blog/873-getting-started-with-snort-ips-a-quickstart-guide
HACKLIDO
Getting started with Snort IPS - A QuickStart Guide
Introduction Snort is an open source Intrusion Prevention System (IPS) that detects malicious network traffic by comparing the network packets to a set of...
π3β€2
π Windows Remoting: Difference between psexec, wmiexec, atexec, *exec
π https://hacklido.com/blog/872-windows-remoting-difference-between-psexec-wmiexec-atexec-exec
π https://hacklido.com/blog/872-windows-remoting-difference-between-psexec-wmiexec-atexec-exec
HACKLIDO
Windows Remoting: Difference between psexec, wmiexec, atexec, *exec
If youβre anything like me, you discovered Impacket, either through a course, Ippsec, or your own research, and you look at the scripts. Your grin turns...
π1π₯1